QImage crash when reading some bmp files
-
The QImage will crash when reading the images of this link
"crash images":http://www.sendspace.com/file/ureh9l@
#include <QtCore>
#include <QtGui>int main(int argc, char *argv[])
{
QString const prefix = "C:/Qt/crash_pictures/";
QStringList name;
name << "rgb32-111110.bmp" << "rgb32bf.bmp" << "rgba32.bmp";for(int i = 0; i != name.size(); ++i){ qDebug() << name[i]; QImage read(prefix + name[i]); //crash at here qDebug() << read.isNull(); //can't reach this line qDebug() << read.format(); } return 0;
}
@I tried it on two versions of Qt
Qt4.8, compiler is mingw4.6.2, 32bits
Qt5.0, compiler is msvc2010 32bitsOS : win7 64bits
Any workaround to avoid the crash, thanks
Is this a bug of QImage, or my fault?
-
I created code like this but no problem occurs.
i use Ubuntu*but the slash in window paths like: / or
i always user windows slash like this: c:\windows*@#include <QApplication>
#include "widget.h"
#include <QDebug>int main(int argc, char *argv[])
{
QApplication a(argc, argv);
Widget w;
QStringList name;
QString const prefix = "/home/auda/Pictures/777/";
name << "Selection_009.bmp" << "Selection_015.bmp" ;for(int i = 0; i != name.size(); ++i){ qDebug() << name[i]; QImage read(prefix + name[i]); //no problem qDebug() << read.isNull(); // work fine qDebug() << read.format(); } w.show(); return a.exec();
}
@best wishes
-
Are you using the same images come from this link?
"crash image download":http://www.sendspace.com/file/ureh9lMost of the bmp would not make the program crash, but some of
them will crash it if you try to load it by QImage. -
Anyone know how to solve this problem?
Should I treat this as a bug and report it to bug tracker? -
I traced it by GDB, these are the messages I got
The program(alter a little bit)@
#include <QtCore>
#include <QtGui>int main(int argc, char *argv[])
{
QApplication a(argc, argv);QString const prefix = "C:/Qt/crash_pictures/"; QStringList name; name << "rgb32-111110.bmp" << "rgb32bf.bmp" << "rgba32.bmp"; for(int i = 0; i != name.size(); ++i){ qDebug() << name[i]; QImage read(prefix + name[i]); //crash at here qDebug() << read.isNull(); //can't reach this line qDebug() << read.format(); } QLabel label; label.show(); return a.exex();
}
@The call stack trace by GDB
@
0 read_dib_body qbmphandler.cpp 322 0x77af5a
1 QBmpHandler::read qbmphandler.cpp 770 0x77c733
2 QImageReader::read qimagereader.cpp 1205 0x75bd6f
3 QImageReader::read qimagereader.cpp 1155 0x75b96c
4 QImage::load qimage.cpp 5094 0x753fd3
5 QImage::QImage qimage.cpp 995 0x748deb
6 main main.cpp 66 0x401518@
signal received after crashed
@The inferior stop because it received a signal from the
operating system.Signal name : SIGFPE
Signal meaning : Arithmetic exception@Image with useful debug messages
this picture show you which line cause the program crash
"debug message":http://www.flickr.com/photos/92283971@N04/8386650746/in/photostreamAnyone know how to solve it?
compiler : mingw4.6.2
Qt version : Qt4.8.4
OS : win7 64bits -
yes u r right.
output:@"rgb32-111110.bmp"
The program has unexpectedly finished.
@why u not use anather programme to create images, may be it write images in wrong way...
-
So this may be some very unlikely coincidence, where "red_mask >> red_shift" is -1, so that line divides by zero. I guess the .bmp is broken, however, even a broken file shouldn't crash the image reader, it should at most abort the read process and return an invalid QImage. In this case it may even be handled more gracefully.
However this comes at a price. The fastest you could probably do is C-Cast that upper expression to unsigned int, but this seems to be in a tight loop, so it would slow down the reader... crash safety is more important than performance though.
Anyhow. File a bug in the Qt Bugtracker, as this clearly is one.This bug is a very similar problem:
https://bugreports.qt-project.org/browse/QTBUG-7530
And a comment might be made cross-referencing it. -
bq. why u not use anather programme to create images, may be it write images in wrong way
I use openCV to read the image, but some weird image
will make the program crash too.By the way, I need QImage
to show the image I read.bq. Anyhow. File a bug in the Qt Bugtracker, as this clearly is one.
I filed it on this page
https://bugreports.qt-project.org/browse/QTBUG-29194bq. So this may be some very unlikely coincidence, where “red_mask >> red_shift” is -1, so that line divides by zero.
Maybe you are correct, I remembered that primer warn us
better don't manipulate the bits of signed Integral types, and I
don't know why they don't use size_t but int?Anyway, thanks for your help.
-
The guess actually is correct. The screenshot shows, that red_mask was -2097152 and red_shift 21.
-2097152_d = 11000000000000000000000_b
So shifting that 21 places to the right yields (via arithmetic shift due to the signedness of the operands)
10000000000000000000001_b = -1_d